A computer system having network controlled security administered in conjunction with a prescribed network server of a computer network includes at least one processor, at least one memory, and a device for communicating with the prescribed network server. Operating system software is provided for use in booting up an operating system. The computer system further includes basic input output system (BIOS) firmware, the BIOS having a security measure. The security measure is implemented by the processor prior to a booting up of the operating system and in conjunction with the prescribed network server. Booting up of the operating system by the processor is controlled in response to the security measure.
1. A computer system having network controlled security administered in conjunction with a prescribed network server, said computer system comprising:
at least one processor; at least one memory; operating system software for use in booting up an operating system; device for communicating with the prescribed network server; basic input output system (BIOS) firmware including a network controlled security measure, the security measure implemented by said processor prior to a booting up of the operating system and in conjunction with the prescribed network server, the security measure configured to require an authentication from the prescribed network server to operate and, without authentication, the security measure configured to halt practical operation of the computer system until such time as the network authentication is received, wherein the security measure controls the booting up of the operating system by said processor by one selected from allowing booting up and preventing booting up, and an authentication timer, said authentication timer for use in timing a duration of a prescribed network security authentication interval of the security measure, wherein upon an expiration of said authentication timer, the security measure prevents booting up of the operating system.
19. A method of network controlled security for a computer system administered in conjunction with a prescribed network server comprising:
providing at least one processor; providing at least one memory; operating system software for use in booting up an operating system; communicating with the prescribed network server; providing basic input output system (BIOS) firmware including a network controlled security measure, the security measure implemented by the processor prior to a booting up of the operating system and in conjunction with the prescribed network server, the security measure configured to require an authentication from the prescribed network server to operate and, without authentication, the security measure configured to halt practical operation of the computer system until such time as the network authentication is received, wherein the security measure controls the booting up of the operating system by said processor by one selected from allowing booting up and preventing booting up; and providing an authentication timer, the authentication timer for use in timing a duration of a prescribed network security authentication interval of the security measure, wherein upon an expiration of the authentication timer, the security measure prevents booting up of the operating system.
15. A computer network for implementing network controlled security of a computer system, said computer network comprising:
a network server for administering network controlled security; and at least one computer system, said at least one computer system including: at least one processor; at least one memory; operating system software for use in booting up an operating system; device for communicating with said network server; basic input output system (BIOS) firmware including a network controlled security measure, the security measure implemented by the processor prior to a booting up of the operating system and in conjunction with said network server, the security measure configured to require an authentication from the prescribed network server to operate and, without authentication, the security measure configured to halt practical operation of the computer system until such time as the network authentication is received, wherein the security measure controls the booting up of the operating system by said processor by one selected from allowing booting up and preventing booting up; and an authentication timer, the authentication timer for use in timing a duration of a prescribed network security authentication interval of the security measure, wherein upon an expiration of the authentication timer, the security measure prevents booting up of the operating system.
2. The computer system of
3. The computer system of
4. The computer system of
5. The computer system of
6. The computer system of
7. The computer system of
a setup response timer, said setup response timer for timing out the awaiting of the network controlled security authentication response from the network server.
8. The computer system of
9. The computer system of
10. The computer system of
12. The computer system of
13. The computer system of
14. The computer system of
16. The computer network of
17. The computer network of
18. The computer network of
20. The method of
21. The method of
22. The method of
23. The method of
24. The computer system of
25. The method of
providing a setup response timer, the setup response timer for timing out the awaiting of the network controlled security authentication response from the network server.
26. The method of
27. The method of
providing a motherboard, wherein the at least one memory is disposed upon the motherboard.
28. The method of
29. The method of
30. The method of
31. The method of
32. The method of
The disclosures herein relate generally to computer systems, and more particularly, to security of a computer system such as a portable notebook computer.
Current security measures used with respect to portable computers and computer systems fail to prevent authorized users from stealing a respective portable computer or computer system. One current security measure includes use of a system password for enabling a user to use the computer system. The system password however does not prevent anyone who knows the password (e.g., an authorized user) from stealing the computer and thereafter being able to continue using the computer. Another security measure includes the use of a hard disk drive password. The use of a hard disk drive password only serves to protect the hard disk drive, and can be bypassed by merely replacing the hard disk drive. Other security measures include the use of various locks and other physical attachment devices. A committed individual can forcibly remove such physical attachments, whereas an authorized user with an appropriate key can merely use the key to unlock the computer from its physical constraint and thereby steal the computer. Lastly, a security measure making use of operating system level passwords can be bypassed by reinstalling the computer operating system. The use of operating system level passwords thus does not provide a very high level of security against computer theft by an authorized user.
It would thus be desirable to provide an improved level of security and an improved security measure against undesired theft of a computer system, especially, a portable computer system.
According to one embodiment, a computer system having network controlled security administered in conjunction with a prescribed network server of a computer network includes at least one processor, at least one memory, and a device for communicating with the prescribed network server. Operating system software is provided for use in booting up an operating system. The computer system further includes basic input output system (BIOS) firmware, the BIOS having a security measure. The security measure is implemented by the processor prior to a booting up of the operating system and in conjunction with the prescribed network server. Booting up of the operating system by the processor is controlled in response to the security measure.
The embodiments of the present disclosure advantageously provide an improved level of security and an improved security measure against undesired theft of a computer system, especially, a portable computer system.
The foregoing and other teachings and advantages of the present invention will become more apparent upon a detailed description of the best mode for carrying out the invention as rendered below. In the description to follow, reference will be made to the accompanying drawings, in which:
Referring briefly to
Turning now to
The computer system 12 further includes a motherboard 32. The processor 20 is disposed on the motherboard 32. In addition, any RAM, NVRAM or ROM of the storage devices 26 may also be disposed upon motherboard 32.
With reference to
In addition to the above, the computer system 12 further includes an authentication timer for use in timing a duration of a prescribed network security authentication interval. The authentication timer includes a software timer using an encrypted count, the encrypted count being stored in a non-volatile random access memory of the storage devices (26). In a preferred embodiment, the software timer is updated with the use of periodic system management interrupts (SMI). SMI is a highest level interrupt in the computer system and is used by the BIOS only. In another embodiment, the software timer is updated with the use of periodic system configuration interrupts (SCI).
With respect to the authentication timer and SMI, the timer may be established where an SMI is generated at one minute intervals. In an SMI mode, the timer value can be decremented. The decremented timer value can then be written back into an NVRAM, the value being in an encrypted form not readily recognizable by a typical user. The encrypted timer value could also be stored in a flash memory or a BIOS memory.
The security measure of the BIOS further enables the processor 20 to communicate an authentication request to the prescribed network server 14, causing the processor to await a network controlled security authentication response, and resetting the authentication timer in response to the network controlled security authentication response. Upon an expiration of the authentication timer, booting of the operating system by the processor 20 is prevented until the network controlled security authentication response has been received and the authentication timer has been reset in response to the network controlled security authentication response. In one embodiment, the prescribed network security authentication interval is a fixed interval. In another embodiment, the prescribed network security authentication interval is an interval subject to being changed in accordance with requirements of a particular network controlled security implementation.
The BIOS firmware may further include executable instructions to be carried out by the processor 20 for determining if the network controlled security authentication response is a valid response. If valid, then the processor 20 would proceed in resetting the authentication timer. If not valid, then the processor 20 would continue awaiting receipt of a valid network controlled security authentication response.
The computer system 12 may further include a setup response timer. The setup response timer is provided for timing out the awaiting of the network controlled security authentication response from the network server. In the event that a response from the network server is not received within a prescribed setup interval, the processor would check to determine if the authentication timer has expired. If the authentication timer has not expired, then the processor would continue with POST and OS loading.
Further according to the present embodiments, the security measure includes a direct communication link established between a server based management application and a computer system level software BIOS. Such a communication link provides for enhancing security of the computer system and deterring its theft, as discussed herein. The security measure requires an authorization to operate from a prescribed network server. Without the authorization, the BIOS of the computer system halts all practical operation of the computer system, until such time as the network authorization is received.
According to the present embodiments, the authorization occurs prior to a booting up of the operating system of the computer system. As a result, the security measure is advantageously made independent of the particular computer's operating system and hard drive. In addition, the security measure is silent and does not require any computer user input. Furthermore, the security measure is always active.
For computers which are not expected to operate outside of a network, the security measure as discussed herein can implement the authentication upon every boot of the particular computer system. It is not necessary to get an authorization to boot on every boot however, for instance, with respect to portable computers or computers intending to operate in a stand-alone mode. Portable computers or other computers in a stand-alone mode are likely to operate remotely without a network connection at various times. However, it is still required that the computer system incorporating the security measure of the present disclosure receive an authorization during a specified time period, or security check interval. Such a time period or security check interval may include a daily interval, weekly interval, monthly interval or any other duration of time as may be established for a given security policy.
The security check interval may further include an interval which is selectable according to the type of computer system incorporating the security measure. For instance, a portable computer may be assigned a first security check interval and a desktop computer system which is not expected to operate without a network connection may be assigned a second security check interval. The first security check interval can be made longer than the second security check interval, according to a particular security policy.
With reference now to
In step 54, a network authentication request message is transmitted to the network server. In step 56, an inquiry is made as to whether or not the network response has been received. If not, then the process proceeds to step 58. In step 58, an inquiry is made as to whether or not the setup response timer has expired. If not, then the process returns to step 56 as shown.
The waiting period includes a specified period of time during which a particular computer system waits for a network response upon a boot up of the computer system. The waiting period or time interval for the setup response timer may include on the order of a few seconds to several minutes, as may be established for a particular network connection. The setup response timer is used for initiating a given action, to be discussed further herein, upon expiration of the setup response timer interval (step 58). The setup response timer is necessary so as not to wait indefinitely for a network response. The setup response timer may include a software implemented timer, a chipset based timer, or any other suitable timer contained within the computer system for providing the desired network response waiting period.
Returning briefly to step 54, the BIOS creates a special packet containing a Network Authentication Request (NAR) message. The NAR message is intended to be received by a management software running on a host server for the given network to which the computer system is connected. The NAR message can further include at least an identity, such as a serial number, asset tag number, or the like, which identifies the specific computer to the host server. The host server responds with an Authenticating Message (AM). The AM message may include the contents of the original NAR message plus a signature. The signature may contain an encrypted key that only the prescribed host server can generate. Alternatively, the signature may include a predefined packet that the client side BIOS understands to be a valid message for resetting the authentication timer. In step 56, if a network response has been received, then the process proceeds with step 60.
In step 60, an inquiry is made as to whether or not the message is a valid message. That is, the BIOS firmware includes executable instructions to be carried out by the processor for determining if the network controlled security authentication response is a valid response, and if valid, then resetting the authentication timer in step 62. If not valid, the process returns to step 56 to await receipt of a network response. To further improve security, the client computer system and host server may use key pairs, such as defined, for example, in Wired For Management Baseline Ver. 1.81, Section 5.2.4, or any other private and public keys and their implementation as known in the art. The same key pair used to receive digitally signed boot images would be used to receive a digitally signed Authenticating Message that can be verified by the BIOS on the client computer system. That is, the digitally signed Authenticating Message can be used by the BIOS of the client computer system to verify that the Authenticating Message is coming from a legitimate server.
The client computer waits for a response from the server before the setup response timer waiting period expires (Steps 56 and 58). During the waiting period, the response timer continues to run or count down.
If the setup response timer expires (Step 58), then the BIOS proceeds with a check of the Authentication Timer (Step 64). The Authentication Timer can include a software timer stored in non-volatile memory of the computer system. The authentication timer starts with a selected value, usually established and set up by a network administrator or person having a high security clearance in connection with the particular computer security policy. The BIOS counts down the authentication timer at a system level on a regular basis. Upon an expiration of the authentication timer, the process continues at Step 66, where an appropriate failure message is displayed on the computer display. For example, a message indicating that network authentication is required can be displayed. Upon reaching Step 66, the BIOS will not thereafter boot the particular computer system without first receiving an authentication from the prescribed network server (Step 68). Furthermore, the authentication timer is preferably updated during a prescribed periodic system management interrupt (SMI) within the computer system. The authentication timer is a counter which counts each time the prescribed periodic system management interrupt is generated. The counter value is preferably stored in non-volatile random access memory (NVRAM). The counter value can further be encrypted with the use of any suitable encryption algorithm. The counter value may further be stored in a checksum region of the NVRAM.
When the setup response timer has expired (Step 58) and the authentication timer has not (Step 64), the BIOS allows a power on self test (POST) and operating system (OS) booting (Step 70). A normal operation of the computer system continues in Step 72. If the authentication timer has expired (Step 64), then the BIOS prevents and/or halts POST and OS booting. If the authentication timer is set to zero, then authentication will be required on every boot. If POST were not included in the BIOS firmware, then, at a minimum, the BIOS halts the OS booting and thus effectively halts all practical continued usage of the computer system until an authentication message is received.
In addition to the above, when the computer system is undergoing a transition from a low power mode to a full power mode while connected to the network server, authentication may be required if the authentication timer expires. That is, protection can be provided against any attempted bypassing of the security measure through the suspending of the computer system and never turning the computer system off. In this case, when the BIOS is bypassed by the OS, appropriate advanced configuration and power interface (ACPI) steps are implemented that check the authentication timer and halt the resuming of full power mode operation upon an expiration of the authentication timer. Furthermore, in an ACPI environment when periodic SMI are not allowed, an embedded controller of the computer system is used to generate a periodic system configuration interrupt (SCI). The periodic system configuration interrupt would function in a manner similar to that discussed herein with respect to the periodic SMI for updating of the authentication timer.
Returning briefly to Step 56, if an authenticating message is received from the network server prior to expiration of the setup response timer, the message can then be verified in Step 60 to determine that it is originating from a legitimate source. Upon verification of the authenticating message, the authentication timer is reloaded with the original authentication timer value in Step 62 and BIOS continues with POST and OS loading in Step 70, as discussed. A normal operation of the computer system continues in Step 72. Upon a failure to validate a message in Step 60, the BIOS returns to Step 56 and continues checking for a network response, while the setup response timer continues to count down.
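The flow of Steps 54 to 72 can be modelled as follows; this is an added Python example and not part of the patent. It assumes HMAC-SHA256 with a shared key as a stand-in for the digitally signed Authenticating Message, counts the setup response timer in polls of Step 56, and uses a constructed key, serial number and interval.

```python
import hashlib
import hmac

# Constructed demo values; the key, serial number and interval are assumptions.
SERVER_KEY = b"constructed-demo-key"
SERIAL = "SN-CONSTRUCTED-0001"
SETUP_POLLS = 5            # setup response timer, counted in polls of step 56


class Nvram:
    """Authentication timer count kept in NVRAM (the patent stores it encrypted)."""

    def __init__(self, interval_ticks):
        self.interval = interval_ticks   # value chosen by the administrator
        self.count = interval_ticks      # remaining ticks before lockout


def smi_tick(nvram, ticks=1):
    """Periodic SMI handler: decrement the count, never below zero."""
    nvram.count = max(0, nvram.count - ticks)


def make_nar(serial):
    """Step 54: Network Authentication Request carrying the machine identity."""
    return b"NAR:" + serial.encode()


def server_am(nar, key):
    """Server side: Authenticating Message = echoed NAR plus a signature."""
    return nar, hmac.new(key, nar, hashlib.sha256).digest()


def am_is_valid(nar, am, key):
    """Step 60: the AM must echo our NAR and carry a tag only the server can make."""
    echoed, tag = am
    expected = hmac.new(key, nar, hashlib.sha256).digest()
    return echoed == nar and hmac.compare_digest(tag, expected)


def pre_boot_check(nvram, serial, responses, key=SERVER_KEY, polls=SETUP_POLLS):
    """Steps 54-72. `responses` holds one entry per poll; None means no packet."""
    nar = make_nar(serial)
    for i in range(polls):                       # steps 56/58: wait, bounded
        am = responses[i] if i < len(responses) else None
        if am is not None and am_is_valid(nar, am, key):
            nvram.count = nvram.interval         # step 62: reload the timer
            return "BOOT"                        # step 70: POST and OS load
        # no packet, or an invalid one: return to step 56 and keep polling
    if nvram.count > 0:                          # step 64: timer not expired
        return "BOOT"
    return "HALT"                                # steps 66/68: wait for server


def run_scenarios():
    """Walk one machine through the cases the description distinguishes."""
    results = {}
    nv = Nvram(interval_ticks=3)
    results["offline_within_interval"] = pre_boot_check(nv, SERIAL, [])
    smi_tick(nv, 3)                              # interval elapses off-network
    results["offline_after_expiry"] = pre_boot_check(nv, SERIAL, [])
    forged = server_am(make_nar(SERIAL), b"wrong-key")
    other = server_am(make_nar("SN-OTHER"), SERVER_KEY)
    results["forged_or_foreign_am"] = pre_boot_check(nv, SERIAL, [forged, other])
    good = server_am(make_nar(SERIAL), SERVER_KEY)
    results["forged_then_valid"] = pre_boot_check(nv, SERIAL, [forged, None, good])
    results["count_after_reset"] = nv.count
    every_boot = Nvram(interval_ticks=0)         # zero interval: auth every boot
    results["zero_interval_offline"] = pre_boot_check(every_boot, SERIAL, [])
    results["zero_interval_online"] = pre_boot_check(every_boot, SERIAL, [good])
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```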
The present embodiments advantageously provide an improved security measure for a computer system. The present embodiments utilize a client-server architecture. The security measure is furthermore highly advantageous in connection with a portable computer, since circumventing of the security measure would require replacement of the computer system's motherboard and wherein the motherboard makes up a large percentage of the portable computer system. According to the embodiments of the present disclosure, the computer system is effectively rendered useless in the absence of an authentication timer reset from a prescribed network server. The present embodiments advantageously provide a BIOS level security measure which can be actuated and run during a POST and prior to an operating system boot of the computer system.
While the method and apparatus of the present disclosure have been particularly shown and described with reference to the various embodiments thereof, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the method and apparatus, as set forth in the following claims.
Date | Maintenance Fee Events |
May 19 2006 | M1551: Payment of Maintenance Fee, 4th Year, Large Entity. |
Aug 03 2006 | ASPN: Payor Number Assigned. |
Aug 03 2006 | RMPN: Payer Number De-assigned. |
May 19 2010 | M1552: Payment of Maintenance Fee, 8th Year, Large Entity. |
May 19 2014 | M1553: Payment of Maintenance Fee, 12th Year, Large Entity. |
Date | Maintenance Schedule |
Nov 19 2005 | 4 years fee payment window open |
May 19 2006 | 6 months grace period start (w surcharge) |
Nov 19 2006 | patent expiry (for year 4) |
Nov 19 2008 | 2 years to revive unintentionally abandoned end. (for year 4) |
Nov 19 2009 | 8 years fee payment window open |
May 19 2010 | 6 months grace period start (w surcharge) |
Nov 19 2010 | patent expiry (for year 8) |
Nov 19 2012 | 2 years to revive unintentionally abandoned end. (for year 8) |
Nov 19 2013 | 12 years fee payment window open |
May 19 2014 | 6 months grace period start (w surcharge) |
Nov 19 2014 | patent expiry (for year 12) |
Nov 19 2016 | 2 years to revive unintentionally abandoned end. (for year 12) |